package com.itheima.reggie.filter;

import com.alibaba.fastjson.JSON;
import com.itheima.reggie.common.BaseContext;
import com.itheima.reggie.common.R;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.AntPathMatcher;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import java.io.IOException;

@Slf4j
@WebFilter(filterName = "LoginCheckFilter",urlPatterns = "/*")
public class LoginCheckFilter implements Filter {
    //定义无需校验的URL
    private static final String[] NOT_CHECK_URLS = new String[]{
            "/employee/login",
            "/employee/logout",
            "/backend/**",
            "/front/**",
            "/common/**",
            "/user/sendMsg",
            "/user/login"
    };

    //路径匹配器,支持通配符
    public static final AntPathMatcher PATH_MATCHER = new AntPathMatcher();

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest)servletRequest;
        HttpServletResponse resp = (HttpServletResponse)servletResponse;

//        A. 获取本次请求的URI
        String uri = req.getRequestURI();

//        B. 判断本次请求, 是否需要登录, 才可以访问
        boolean ifcheck = checkUrI(uri);

//        C. 如果不需要，则直接放行
        if (!ifcheck){
            log.info("请求的uri:{}",uri);
//            chain.doFilter(req,resp);
            filterChain.doFilter(req,resp);
            return;
        }

//        D. 判断登录状态，如果已登录，则直接放行
        if (req.getSession().getAttribute("employee")!=null){
            log.info("请求的uri:{},无需校验,直接放行",uri);

            Long empId = (Long) req.getSession().getAttribute("employee");
            BaseContext.setCurrentId(empId);//存入

            filterChain.doFilter(req,resp);

            BaseContext.removeCurrentId();//删除
            return;
        }

        if (req.getSession().getAttribute("user")!=null){
            log.info("用户已登录，用户id为：{}",req.getSession().getAttribute("user"));

            Long userId = (Long) req.getSession().getAttribute("user");
            BaseContext.setCurrentId(userId);//存入

            filterChain.doFilter(req,resp);

            BaseContext.removeCurrentId();//删除
            return;
        }
//        E. 如果未登录, 则返回未登录结果
        log.info("用户访问的uri为{},由于用户未登录,直接返回未登录结果,跳转登录页面",uri);
        resp.getWriter().write(JSON.toJSONString(R.error("NOTLOGIN")));
    }

    private boolean checkUrI(String uri) {
        for (String notCheckUrl : NOT_CHECK_URLS) {
            if (PATH_MATCHER.match(notCheckUrl,uri)){
                return false;
            }
        }
        return true;
    }
}
